Stop including standard headers via cryptlib.h - pull in the headers that
are needed in the source files that actually require them.

ok beck@ miod@

remove unused, private version strings except SSL_version_str

Also remove unused des_ver.h, which exports some of these strings, but is not installed.

ok miod@ tedu@

tags as requested by miod and tedu

no need for null check before free. from Brendan MacDonell

Replace all use of ERR_add_error_data with ERR_asprintf_error_data.
This avoids a lot of ugly gymnastics to do snprintfs before sending the
bag of strings to ERR, and eliminates at least one place in

Replace all use of ERR_add_error_data with ERR_asprintf_error_data.
This avoids a lot of ugly gymnastics to do snprintfs before sending the
bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c
where it was being called with the incorrect number of arguments and
using random things off the stack as addresses of strings.
ok krw@, jsing@

show more ...

improve realloc/calloc/malloc patterns; ok guenther

ASN1_STRING cleanup - realloc has handled NULL since I had a mullet
and parachute pants - and since it's obvious there is no guarantee
the caller doesn't pass in the data area in the argument, use me

ASN1_STRING cleanup - realloc has handled NULL since I had a mullet
and parachute pants - and since it's obvious there is no guarantee
the caller doesn't pass in the data area in the argument, use memmove
instead of memcpy so overlapping areas are handled correctly.
Also, pointers can be usefully printed in hex with %p, in error messaeges
rather than the bizzaro stuff that was there using mystical buffer lengths
and abuse of strlcpy-converted-blindly-from-strcpy

show more ...

We'll interpret a (void) cast on snprintf() to mean it's been verified that
truncation is either desirable, not an issue, or is detected and handled later

ok deraadt@

More KNF.

lob a few more knf grenades in here to soften things up.

putting most of the braces in the right column is the very least we can do.

Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free

Part 1 of eliminating BIO_snprintf(). This fixes mechanical conversions
where the return value is ignored changing to (void) snprintf.
ok deraadt@

resolve conflicts, fix local changes

resolve conflicts

resolve conflicts

merge 0.9.7d

security fix from http://www.openssl.org/news/secadv_20030930.txt
see also http://cvs.openssl.org/chngview?cn=11471

Trivial sprintf() -> snprintf() changes. ok deraadt@

merge openssl-0.9.7-beta3, tested on vax by miod@

Better fixes from openssl cvs; from markus@

typo; from openssl cvs

apply patches from OpenSSL Security Advisory [30 July 2002],
http://marc.theaimsgroup.com/?l=openssl-dev&m=102802395104110&w=2

OpenSSL 0.9.7 stable 2002 05 08 merge

openssl-engine-0.9.6a merge